Financial service organizations have attempted to implement roles-based systems to address these challenges. But real-world experience have shown that unless roles fit into a context that ties together existing entitlements, company policies, regulatory requirements, and current business process realities, they simply don’t work. Without this context, the result is a system that can’t meet the demands of federal regulations such as the Sarbanes-Oxley Act (SOX) and Gramm-Leach-Bliley (GLB) Act in the U.S.”]
Source: https://www.bankinfosecurity.com/whitepapers/meeting-challenges-roles-based-access-governance-w-152